pfSense

I have installed two pfsense (2.1) in CARP mode which works fine exceptionally the DHCP server. I had always interrupted communication rsp. recover mode states on both side. Further the master nor the slave provided ip addresses anymore. I didn't find any solution in pfsense forum. I must say that I manage 7 VLANs via pfsense some with DHCP.

As I checked both dhcpd.conf files I found out that some peer groups with same name did refer different interfaces respective subnets. Example

Master:
failover peer "dhcp0" {
primary;
address 192.168.71.254;
port 519;
peer address 192.168.71.253;
peer port 520;
max-response-delay 10;
max-unacked-updates 10;
split 128;
mclt 600;

Slave:
failover peer "dhcp0" {
secondary;
address 192.168.60.253;
port 519;
peer address 192.168.60.254;
peer port 520;
max-response-delay 10;
max-unacked-updates 10;
split 128;
mclt 600;

--> the subnet 192.168.71.0 was in slave pfsense in peer group "dhcp3". --> this configuration can't work.

Then I compared in config.xml the section <dhcp> ... </dhcp> didn't have the same order. Example:
Master's order: <lan> <opt4> <opt3> <opt1> <opt6> <opt2> <opt7>
Slaves's order: <opt3> <lan> <opt2> <opt1> <opt6> <opt2> <opt7>

It seems that pfsense store in order when the dhcp per interface has been activated. The problem was that I have configured the slave in different order. During the dhcpd.conf built pfsense use the storage order as peer group order. After reordering the slave it worked.

Conclusion: The bug is that dhcp interfaces should be ordered in same way as in section "<interfaces>" --> wan lan opt1 opt2 ... optn

Small feature request: rename "dhcp0" to the interface name like "dhcp_lan" or "dhcp_opt1". This makes more sense because "dhcp1" on the status page "dhcp lease" means interface opt4.